Groups Challenge FCC Rules Extending CALEA Obligations to Interconnected VoIP Service Providers and Broadband Internet Access Service Providers
On October 25, 2005, a collection of privacy, high-tech, and telecommunications groups (“Joint Petitioners”) appealed to the U.S. Court of Appeals for the District of Columbia Circuit, the Federal Communication Commission’s (“FCC”) decision to extend the reach of the Communications Assistance for Law Enforcement Act, 47 U.S.C. §§ 1001-21 (“CALEA”) to facilities-based broadband Internet access service providers and interconnected voice over Internet protocol (“VoIP”) service providers.1 The basis for the Joint Petitioners’ appeal is that CALEA excluded the Internet from its obligations and therefore the FCC is without jurisdiction to issue the new rules. The Joint Petitioners also are concerned that the new rules impose a burdensome government mandate on innovators and pose a threat to Internet users’ privacy. The FCC issued the text of its CALEA Order on September 23, 2005. At the same time, the FCC also issued a Further Notice of Proposed Rulemaking (“NPRM”) to consider whether certain classes or categories of these providers should be exempt from CALEA’s requirements and whether to extend CALEA obligations to VoIP services not covered in the current Order. The FCC is expected to issue another order in the next few months addressing many of the key substantive implementation issues under CALEA such as cost recovery, standards, and enforcement.
Entities subject to CALEA must design (or redesign) their networks to make law enforcement surveillance easier. The express language of CALEA makes it applicable to “telecommunications carriers” but not providers of “information services.” First enacted in 1994, CALEA subjected only traditional wireline and wireless telephony services to law enforcement wiretaps. However, in response to the increasing number of voice communications transmitted over the Internet, in 2004, federal law enforcement agencies (Justice, FBI and DEA) jointly sought expanded authority to conduct surveillance of the networks that carry these communications. In its September Order, the FCC accommodated the law enforcement agencies’ request and imposed CALEA obligations on facilitiesbased broadband Internet access providers and interconnected VoIP service. For purposes of CALEA, the FCC used the definition of “interconnected VoIP service providers” promulgated in its VoIP E911 Order (see Update dated July 28, 2005). Interconnected VoIP service providers have the following characteristics: (1) the service enables real-time, two-way voice communications; (2) the service requires a broadband connection from the user’s location; (3) the service requires IPcompatible CPE (handsets); and (4) the service permits users to receive calls from the PSTN and to terminate calls to the PSTN. Although it referenced the VoIP E911 definition, the FCC also appears to have gone further, stating that a service merely offering the “capability” for users to receive calls from and terminate calls to the PSTN, would be “interconnected VoIP” for purposes of CALEA. The FCC could apply its rules to any entity meeting this definition, which would encompass a broad array of VoIP providers such as location-specific VoIP services provided by, for example, cable television companies as well as “nomadic” VoIP services provided by Vonage and others, as well as any other VoIP service with the capability to connect to the PSTN.
The application of the rules to providers of broadband Internet access services extends to providers of cable modem, DSL, satellite, wireless, fixed wireless, and broadband over powerline services. The Commission defined “broadband” as services with the capability to support upstream or downstream speeds in excess of 200 kilobits per second (“kbps”) in the last mile. The Commission determined it had the authority to impose CALEA obligations on these services despite their classification as “information services” under the Communications Act explaining that CALEA’s definition of “telecommunications” is much broader than under the Communications Act and that unlike the Communications Act, CALEA does not mandate that an integrated service offering being considered as solely a “telecommunications service” or an “information service.” The FCC concluded that the telecommunications components of Information services (specifically switching and transmission functions that serve as a replacement for a substantial portion of the local telephone exchange service) may be “separated out” for regulatory purposes under CALEA. The FCC then determined that only the “switching and transmission” components of modem service, which encompasses activities such as e-mail transmission, are subject to CALEA but not other aspects such as “e-mail storage,” “web-hosting,” “DNS functions,” or any other “ISP functionality.” Technical capabilities and standards for law enforcement to set wiretaps or other devices remain to be worked out. In order to allow for these discussions and for newly covered entities to come into compliance with CALEA requirements, the new rules will not be effective for another eighteen (18) months.
In a further NPRM, the FCC will consider whether certain classes or categories of facilitiesbased broadband Internet access providers, such as small or rural providers or providers of broadband networks for educational and research institutions, should be exempt from CALEA. The FCC will also consider whether other “managed” or other non-interconnected VoIP providers should be covered.
The CALEA Order and the FCC’s recent decision to impose E911 obligations on interconnected VoIP service providers suggests that Chairman Martin is willing to move aggressively in establishing additional regulatory obligations for VoIP and broadband. However, it is too early to tell whether the FCC’s actions will be upheld on appeal.
If you have any questions or would like to review the implications, please contact us.
1 A separate Notice of Petition was filed by the American Council on Education, a higher-education trade group concerned about the cost of reconfiguring colleges and universities’ IT networks.